The AWS Certified Solutions Architect – Associate (SAA-C03) exam tests your ability to design distributed systems on AWS. It is one of the most sought-after certifications in the cloud domain.
What happens when a Security Group is modified to remove rules for an active EC2 instance?
A. Traffic stops immediately
B. Traffic continues until restart
C. Instance automatically terminates
D. No impact on current sessions
Explanation
Removing rules does not disrupt existing connections, but prevents new ones based on the new rules.
Q322
Which service provides a managed Kubernetes experience on AWS?
A. Amazon EKS
B. Amazon ECS
C. AWS Lambda
D. Amazon RDS
Explanation
Amazon EKS specifically offers a managed Kubernetes service, while the others serve different purposes.
Q323
A company needs to ensure low-latency access to its S3 objects from multiple geographic regions. What should they configure?
A. S3 Transfer Acceleration
B. S3 Cross-Region Replication
C. CloudFront Distribution
D. S3 Event Notification
Explanation
CloudFront provides low-latency, regional access through caching, while the other options do not optimize for latency in this way.
Q324
You are configuring IAM Roles for EC2 instances. What happens when an instance assumes a role with limited permissions?
A. Limits access for the instance only.
B. Grants all AWS services access.
C. No access if permission revoked.
D. Permits access until role is deleted.
Explanation
Permissions are limited to what the role allows, while other options incorrectly describe AWS behavior.
Q325
Which service provides serverless compute for containers?
A. AWS Fargate
B. Amazon EC2
C. AWS Lambda
D. AWS Batch
Explanation
AWS Fargate offers serverless compute, while EC2, Lambda, and Batch have different architectures or use cases.
Q326
A company needs to integrate an on-premises data store with AWS while maintaining low latency during access. Which AWS service should they use?
A. AWS Storage Gateway
B. Amazon RDS
C. AWS Snowball
D. Amazon VPC
Explanation
AWS Storage Gateway facilitates seamless integration with real-time data access, unlike the other options.
Q327
You are configuring an IAM policy that allows access to a specific S3 bucket. What happens if the bucket policy denies access?
A. Access is allowed due to IAM policy.
B. Access is denied regardless of IAM.
C. Access is granted for IAM users.
D. Access depends on S3 bucket permissions.
Explanation
A deny in the bucket policy overrides any IAM permissions given, thus access is blocked.
Q328
Which service can provide consistent low-latency access for globally distributed applications?
A. Amazon ElastiCache
B. Amazon RDS
C. AWS Global Accelerator
D. Amazon DynamoDB
Explanation
AWS Global Accelerator improves performance by routing traffic to optimal endpoints, providing low-latency access globally. ElastiCache is for caching, RDS is for databases, and DynamoDB is not optimized for latency.
Q329
A company needs to deliver a software package to many users while ensuring tamper-proof integrity and immutability; which service fits best?
A. AWS Lambda
B. Amazon S3 with Object Lock
C. AWS CodeDeploy
D. Amazon EC2
Explanation
Amazon S3 with Object Lock ensures data cannot be deleted or altered, providing needed integrity and immutability. Lambda is for code execution, CodeDeploy is for deployment, and EC2 is a compute service.
Q330
What happens when an IAM role is assumed by an EC2 instance?
A. The instance gets manual permissions only
B. Temporary credentials are granted
C. Permanent access is granted
D. The role becomes disabled
Explanation
When an IAM role is assumed, the EC2 instance receives temporary security credentials that allow it to access assigned resources. Manual permissions and permanent access options are incorrect, as roles provide temporary access.